<!DOCTYPE HTML>
<html>
<head>
<title>M1: Launching into Cyber Security</title>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no" />
<link rel="stylesheet" href="assets/css/main.css" />
<noscript>
<link rel="stylesheet" href="assets/css/noscript.css" />
</noscript>
</head>
<body class="left-sidebar is-preload">
<div id="page-wrapper">
<!-- Header -->
<div id="header">
<!-- Inner -->
<div class="inner">
<header>
<h1><a href="/e-Portfolio/module-1" id="logo">M1: Launching into Cyber Security</a></h1>
</header>
</div>
<!-- Nav -->
<nav id="nav">
<ul>
<li><a href="/e-Portfolio">Home</a></li>
<li>
<a href="/e-Portfolio/pg-cert-cyber-security">PG Cert Cyber Security</a>
<ul>
<li><a href="/e-Portfolio/module-1">M1: Launching into Cyber Security</a></li>
<li>
<a href="/e-Portfolio/module-2">M2: Security and Risk Management <i
class="fa fa-solid fa-caret-right"></i></a>
<ul>
<li><a href="/e-Portfolio/module-2-individual-investigations">A. Individual
Investigations</a></li>
<li><a href="/e-Portfolio/module-2-seminar-activities">B. Seminar Activities</a>
</li>
<li><a href="/e-Portfolio/module-2-team-project">C. Team Project</a></li>
</ul>
</li>
<li><a href="/e-Portfolio/module-3">M3: Network Security</a></li>
<li><a href="/e-Portfolio/module-4">M4: Secure Software Development</a></li>
</ul>
</li>
<li>
<a href="/e-Portfolio/pg-dip-cyber-security">PG Dip Cyber Security</a>
<ul>
<li><a href="/e-Portfolio/module-5">M5: The Human Factor</a></li>
<li><a href="/e-Portfolio/module-6">M6: Research Methods and Professional Practice</a></li>
</ul>
</li>
</ul>
</nav>
</div>
<!-- Main -->
<div class="wrapper style1">
<div class="container">
<div class="row gtr-200">
<div class="col-4 col-12-mobile" id="sidebar">
<hr class="first" />
<section>
<header>
<h3>About Module 1</h3>
</header>
<p>
The Launching into Cyber Security module aims to provide a high level overview of the
key skills needed for a cyber security career.
</p>
<footer>
<a href="https://online.essex.ac.uk/wp-content/uploads/One-page-module-guides/Computing/LCYS.pdf"
class="button info" target="_session-frame">Learn more</a>
<a href="https://www.my-course.co.uk/course/view.php?id=8491" class="button module"
target="_session-frame">Go to
course</a>
<br><br>
<span class="site-note">*Some hyperlinks require access to the Launching into Cyber
Security Module (LCYS_PCOM7E June 2022) within the University of Essex's Online
Virtual Learning Environment.</span>
</footer>
</section>
<hr />
<section>
<header>
<h3>Module 1 Highlights</h3>
</header>
<div class="row gtr-50">
<div class="col-1"><i class="fa fa-solid fa-caret-right"></i></div>
<div class="col-11">
<h4><a href="#m1-cld1">Collaborative Learning Discussion 1: Summary Post</a></h4>
<p>
Why is it important to invest in Cyber Security?
</p>
<a href="https://www.my-course.co.uk/mod/forum/view.php?id=662702"
class="button module" target="_session-frame">View CLD1 forum</a>
</div>
<div class="col-1"><i class="fa fa-solid fa-caret-right"></i></div>
<div class="col-11">
<h4><a href="#m1-cld2">Collaborative Learning Discussion 2: Summary Post</a></h4>
<p>
In which context can security technologies be employed?
</p>
<a href="https://www.my-course.co.uk/mod/forum/view.php?id=662739"
class="button module" target="_session-frame">View CLD2 forum</a>
</div>
</div>
</section>
<br>
<br>
<br>
<br>
<br>
<!-- Back to top -->
<section class="back-to-top">
<header>
<a href="#" class="button top"><i class="fa fa-solid fa-arrow-up"></i></a>
</header>
</section>
</div>
<div class="col-8 col-12-mobile imp-mobile" id="content">
<article id="main">
<header>
<a name="m1-cld1"></a>
<h2><a href="https://www.my-course.co.uk/mod/forum/discuss.php?d=113645"
target="_session-frame">Collaborative Learning Discussion 1: Summary Post</a>
</h2>
<p>
<blockquote>Discuss why Cyber Security is now a global issue and why it is important for
companies to invest in Cyber Security.</blockquote>
</p>
</header>
<a href="/e-Portfolio/images/m1-cld1.jpg" class="image featured"
target="_session-frame"><img src="images/m1-cld1.jpg" alt="" /></a>
<p>
An organisation that becomes a global leader and investor in cybersecurity has a
competitive edge, as being resilient to cyber-attacks is economically beneficial. The
Economic Impact of Cybercrime global report uncovers that the potential annual global
cost of cybercrime could reach approximately $600 billion (Lewis, 2018).
</p>
<p>
Threat profiling in "the gray zone", where the violation of public-private, foreign or
domestic legal boundaries is not apparent, is a challenge (Sheppard & Conklin, 2019).
Since 19 May 2022, US "white hat hackers" accessing a computer for "good faith security
research" are no longer punished, although the interpretation of "good faith" is
criticised as subjective and "ambiguous" (Coker, 2022; Department of Justice, 2022).
</p>
<p>
In worm attacks, data encrypted by malicious actors may be unrecoverable even if the
ransom has been paid. In 2017, the WannaCry worm used the EternalBlue vulnerability,
disrupting the car production of Renault-Nissan, a multinational company, and leaving
many of Britain's National Health Service emergency services non-operational until a
"kill switch" was found (Anderson, 2020). The downtime of critical services leaves a
devastating impact on the company's reputation and its stakeholders' trust, especially
where it involves "functional safety systems such as Schneider electric products", as
noted by James Hines. The time impact is greatest for large companies, owing to the
extra capacity needed to make up for lost productivity and to handle the breaches
(Cyber Security Breaches Survey, 2019).
</p>
<p>
Security awareness and education are essential. The least careful member of staff with
privileged access determines how secure an organisation is (VanSyckel, 2018). As Laura
Saxton mentioned, companies may not prioritise a security incident "proactive response
policy" in place of "a reactive one" (2022). Threat actors are less likely to attack an
expensive target (Borg, 2018). Establishing defensive strategies along with an incident
recovery process to mitigate and isolate threats, and performing regular backups, are
highly recommended as industry practices. Keeping up to date with the security releases
and latest patches of software systems minimises the risk of exposure to known
vulnerabilities, saving long-term hidden costs (Anderson, 2020).
</p>
<section>
<header>
<h3>References</h3>
</header>
<p>
Anderson, R. (2020) <i>Security Engineering: A Guide to Building Dependable
Distributed Systems.</i> 3rd ed. Indiana: Wiley & Sons.
</p>
<p>
Borg, S. (2018) Seven Overlapping Theses on Cyber-Security Education. In: New
Approaches to Cybersecurity Education (NACE) Workshop. [online] pp.1-6. Available
at: [Accessed 4 July 2022].
</p>
<p>
Coker, J. (2022) DOJ: White hat hackers will no longer face prosecution. Available
from: https://www.infosecurity-magazine.com/news/doj-white-hat-hackers-prosecution/
[Accessed 04 July 2022].
</p>
<p>
Department for Digital, Culture, Media and Sport (2019) Cyber Security Breaches
Survey.
</p>
<p>
Department of Justice. (2022) <i>Department of Justice Announces New Policy for
Charging Cases under the Computer Fraud and Abuse Act.</i> U.S. Department of
Justice.
</p>
<p>
Hines, J. (2022) Peer Response -- James Hines. [Blog] <i>Initial Post -- Xue Ling
Teh</i>, Available from:
https://www.my-course.co.uk/mod/forum/discuss.php?d=112685#p153416 [Accessed 4 July
2022].
</p>
<p>
Lewis, J. (2018) <i>Economic Impact of Cybercrime – No Slowing Down.</i> Center for
Strategic and International Studies (CSIS) & McAfee, p.6. Available from:
https://csis-website-prod.s3.amazonaws.com/s3fs-public/publication/economic-impact-cybercrime.pdf
[Accessed 29 June 2022].
</p>
<p>
Saxton, L. (2022) Peer Response -- Laura Saxton. [Blog] <i>Initial Post -- Xue Ling
Teh</i>, Available from:
https://www.my-course.co.uk/mod/forum/discuss.php?d=112685#p152687 [Accessed 3 July
2022].
</p>
<p>
Sheppard, L. & Conklin, M. (2019) <i>Warning for the Gray Zone.</i> By Other Means
Part II: Adapting to Compete in the Gray Zone. [online] Center for Strategic and
International Studies (CSIS). Available from:
https://www.csis.org/analysis/warning-gray-zone [Accessed 4 July 2022].
</p>
<p>
VanSyckel, L. (2018) Introducing Cybersecurity. Sealevel Systems, Inc.
</p>
</section>
<header>
<a name="m1-cld2"></a>
<h2><a href="https://www.my-course.co.uk/mod/forum/discuss.php?d=115972"
target="_session-frame">Collaborative Learning Discussion 2: Summary Post</a>
</h2>
<p>
<blockquote>Identify and discuss two security technologies and the context in which they
can be employed.</blockquote>
</p>
</header>
<a href="/e-Portfolio/images/m1-cld2.jpg" class="image featured"
target="_session-frame"><img src="images/m1-cld2.jpg" alt="" /></a>
<section>
<header>
<h3>Introduction</h3>
</header>
<p>
Unprotected networks are insecure, being easy targets that are vulnerable to
threats. Multilayered network security, such as early detection via an Intrusion
Detection System (IDS), is crucial in protecting systems and environments from
various threats at different levels. Furthermore, establishing a Security Incident
and Event Management (SIEM) solution that handles unprecedented incidents well
mitigates the consequences of a potential breach.
</p>
</section>
<section>
<header>
<h3>Intrusion Detection System (IDS)</h3>
</header>
<p>
The goal of an IDS is to detect malicious network activity through misuse or
anomalies. Two approaches to IDS are signature-based and anomaly-based detections
(Hines, 2022). Antivirus software, a widely marketed IDS solution, scans for
indicators of compromise (IoC) from virus data patterns or signatures (Anderson,
2020). An IDS is applicable in security operations: monitoring traffic origin,
access and system logs, and detecting changes or deviations in data, known as outliers
and anomalies, so that they can be flagged as suspicious activity.
</p>
</section>
<section>
<header>
<h3>Security Incident and Event Management (SIEM)</h3>
</header>
<p>
The SIEM is a centralised platform derived from the concept of Security Information
Management (SIM) and Security Event Management (SEM) (Esseghir et al., 2022). The
SIEM gathers real-time events from a variety of sensors, which includes capturing
session packets from malicious connections and events for network forensics
(González-Granadillo et al., 2021). Given a set of rules, the SIEM parses, groups
and synthesises the signals into meaningful insights for further analysis by the
security operations team, especially during security incidents.
</p>
</section>
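<section>
<p>
The two detection approaches and the SIEM's parse-and-group step described above, as an
added example that is not part of the original post. The event format, the rule names and
the sample events are constructed assumptions; the anomaly rule uses a simple mean plus
three standard deviations threshold over a baseline window.
</p>

```python
import re
from collections import Counter, defaultdict
from statistics import mean, pstdev

# Constructed sample events, "minute source_ip request" (not real traffic).
EVENTS = (
    [f"10:0{m} 10.0.0.5 GET /index.html" for m in range(5) for _ in range(1 + m % 2)]
    + [f"10:0{m} 10.0.0.7 GET /about.html" for m in range(5)]
    + ["10:05 10.0.0.9 GET /download?file=../../etc/passwd"]
    + ["10:05 10.0.0.8 POST /login"] * 40
)
BASELINE = {"10:00", "10:01", "10:02", "10:03", "10:04"}

# Signature-based detection: known-bad patterns (hypothetical rule name).
SIGNATURES = {"path-traversal": re.compile(r"\.\./")}


def parse(line):
    """Normalise one raw line into a structured event."""
    minute, src, request = line.split(" ", 2)
    return {"minute": minute, "src": src, "request": request}


def signature_hits(events):
    return [(e["src"], name) for e in events
            for name, rx in SIGNATURES.items() if rx.search(e["request"])]


def anomaly_hits(events, baseline_minutes, k=3.0):
    """Anomaly-based detection: flag per-minute rates above mean + k * stddev
    of the rates seen during the baseline window."""
    rate = Counter((e["src"], e["minute"]) for e in events)
    base = [n for (src, minute), n in rate.items() if minute in baseline_minutes]
    threshold = mean(base) + k * pstdev(base)
    return [(src, "rate-anomaly") for (src, minute), n in rate.items()
            if minute not in baseline_minutes and n > threshold]


def correlate(lines, baseline_minutes):
    """SIEM-style step: parse, run both detectors, group findings per source."""
    events = [parse(line) for line in lines]
    alerts = defaultdict(set)
    for src, rule in signature_hits(events) + anomaly_hits(events, baseline_minutes):
        alerts[src].add(rule)
    return {src: sorted(rules) for src, rules in alerts.items()}


if __name__ == "__main__":
    print(correlate(EVENTS, BASELINE))
```
</section>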
<section>
<header>
<h3>Conclusion</h3>
</header>
<p>
A combination of the use of IDS to detect anomalies in network traffic and the SIEM
to respond to alerts is key to protecting and securing networks and systems, which
is my affirmative response to Laura Saxton's question of whether both should be used
in tandem (2022). A distinguishing factor in effectively managing security incidents
is the adaptability of existing security solutions for different industrial use
cases.
</p>
</section>
<section>
<header>
<h3>References</h3>
</header>
<p>
Anderson, R. (2020) <i>Security Engineering: A Guide to Building Dependable
Distributed Systems.</i> 3rd ed. Indiana: Wiley & Sons.
</p>
<p>
Esseghir, A., Kamoun, F. & Hraiech, O. (2022) AKER: An open-source security platform
integrating IDS and SIEM functions with encrypted traffic analytic capability.
<i>Journal of cyber security technology</i> 6(1-2): 1-38. DOI:
https://doi.org/10.1080/23742917.2022.2058836
</p>
<p>
González-Granadillo, G., González-Zarzosa, S. & Diaz, R. (2021) Security information
and event management (SIEM): analysis, trends, and usage in critical
infrastructures. <i>Sensors</i> 21(14): 4759. DOI: https://doi.org/10.3390/s21144759
</p>
<p>
Hines, J. (2022) Peer Response -- James Hines. [Blog] Initial Post -- Xue Ling Teh,
Available from: https://www.my-course.co.uk/mod/forum/discuss.php?d=115360#p155951
[Accessed 6 August 2022].
</p>
<p>
Saxton, L. (2022) Peer Response -- Laura Saxton. [Blog] Initial Post -- Xue Ling
Teh, Available from:
https://www.my-course.co.uk/mod/forum/discuss.php?d=115360#p155636 [Accessed 6
August 2022].
</p>
</section>
</article>
</div>
</div>
</div>
</div>
<!-- Footer -->
<div id="footer">
<div class="container">
<div class="row">
<div class="col-12">
<!-- Contact -->
<section class="contact">
<header>
<h3>Your next quest?</h3>
</header>
<p>Feel free to reach out - I'd love to hear your story!</p>
<ul class="icons">
<li><a href="mailto:xt22073@essex.ac.uk" class="icon fa fa-envelope"><span
class="label">Email</span></a></li>
<li><a href="https://github.com/xcelt/e-Portfolio" class="icon brands fa-github"
target="_session-frame"><span class="label">GitHub</span></a></li>
<li><a href="https://www.linkedin.com/in/thecelineteh/"
class="icon brands fa-linkedin-in" target="_session-frame"><span
class="label">Linkedin</span></a></li>
</ul>
</section>
<!-- Copyright -->
<div class="copyright">
<ul class="menu">
<li>Maintained by <a href="https://github.com/xcelt" target="_session-frame">xcelt</a>
<script>document.write(new Date().getFullYear())</script>
</li>
<li>Design: <a href="http://html5up.net" target="_session-frame">HTML5 UP</a></li>
</ul>
</div>
</div>
</div>
</div>
</div>
</div>
<!-- Scripts -->
<script src="assets/js/jquery.min.js"></script>
<script src="assets/js/jquery.dropotron.min.js"></script>
<script src="assets/js/jquery.scrolly.min.js"></script>
<script src="assets/js/jquery.scrollex.min.js"></script>
<script src="assets/js/browser.min.js"></script>
<script src="assets/js/breakpoints.min.js"></script>
<script src="assets/js/util.js"></script>
<script src="assets/js/main.js"></script>
</body>
</html>